<?php
/***user auth***/

class AdminAuth{
	private $db;							//数据库连接
	private $main_table='sys_admin';			//用户表
	private $group_table='sys_group';		//组别表
	private $power_table='sys_power';		//power表
	
	public function __construct($db){
		$this->db=$db;
	}

	public function __destruct(){
		unset($db);
	}


	public function check_login($username,$pwd){		
		// $sql="SELECT g_nav,g_title,g_view_power,g_act_power,g_act_power,g_groups,g_type,g_left,g_right,g_root,g_level,g_club_type,admin_id,admin_gid,admin_name,admin_check,admin_place,admin_last_login,admin_last_logout,admin_goods_power FROM ".$this->main_table.",".$this->group_table." WHERE admin_name='".inputSQL($username)."' AND admin_pwd='".base64_encode(md5(inputSQL($pwd)))."' AND admin_check='1' AND admin_gid = g_id  ";
		$sql="SELECT g_nav,g_title,g_view_power,g_act_power,g_act_power,g_groups,g_type,g_left,g_right,g_root,g_level,g_club_type,admin_id,admin_gid,admin_name,admin_check,admin_place,admin_last_login,admin_last_logout,admin_goods_power FROM ".$this->main_table.",".$this->group_table." WHERE admin_name='".inputSQL($username)."' AND admin_check='1' AND admin_gid = g_id  ";
		$check=$this->db->GetRow($sql);
		return $check;
	}

	public function login($username,$pwd){

		$row = $this->check_login($username,$pwd);

		if($row){
			$this->db->update($this->main_table,array("admin_last_login"=>time(),"admin_login_count"=>"admin_login_count+1"),"admin_id='".$row['admin_id']."'");

			$_SESSION['admin_power'] = $this->set_power($row['g_act_power']);	//后台登录,获取操作权限
			
			//my_print($row);
			switch($row['g_type']){												//获得职能权限
				case "1":
					$row['g_groups'] = ','.$this->get_function_tree($row['g_nav']).',';											//树形以下
				break;
				case "2":
					$row['g_groups'] = ','.$this->get_group_list($row['g_groups']).',';		//指定
				break;
				case "3":
					//$row['g_groups'] = ','.$this->get_group_list().',';						//全部
					$row['g_groups'] = '';	
				break;
				default:
					$row['g_groups'] = '';	
				break;	
				
			}

			//my_print($row['g_groups']);
			/*if($row['g_act_power']=='all'){
				$row['g_groups'] = $this->get_group_list();
			}*/
			$row['upload'] = '1';					//允许上传
			$_SESSION['admin_auth'] = $row;
			//setcookie("PHPSESSID", session_id(), time()+3600*4,'/',MYCOOKIE);
			//dump($_COOKIE);
			//$_SESSION['admin_groups'] =  $row['g_groups'];
			// dump($_SESSION);
			return true;
		}else{
			return false;
		}

	}
	
	public function get_function_tree($nav){
		//$this->db->setDebug(1,1);
		$ary =$this->db->getAll("SELECT g_id from ".$this->group_table." where LOCATE('".$nav."',g_nav)>0 ");
		foreach($ary as $k=>$v){
			$idlist .= $idlist ? ','.$v['g_id'] : $v['g_id'];	
		}

		return $idlist;
		
	}
	
	public function set_power($power_list){
		//$power_list = $this->db->GetOne("SELECT g_act_power FROM ".$this->group_table." WHERE g_id='".intval($gid)."' ");
		if(!$power_list){
			die("不能获取相应的权限表");
		}
		if($power_list=='all'){
			$new_data['power_type'] = '1';						//总管理员
		}else{
			$power = $this->db->GetAll("SELECT * FROM ".$this->power_table." WHERE power_id in ($power_list) ORDER BY power_controller");
			if($power){
				$action = '';
				$new_data = array();
				foreach($power as $k=>$v){
					$new_data['power_list'][] = $v['power_controller'].'-'.$v['power_action'];
				}
			}
			$new_data['power_type'] = '0';						//非总管理员
		}
	
		return $new_data;
	}


	public function get_power($power_list){
		//$power_list = $this->db->GetOne("SELECT g_act_power FROM ".$this->group_table." WHERE g_id='".intval($gid)."' ");
		if(!$power_list){
			die("不能获取相应的权限表");
		}
		if($power_list=='all'){	
		}else{
			$power = $this->db->GetAll("SELECT * FROM ".$this->power_table." WHERE power_id in ($power_list) ORDER BY power_controller");
			if($power){
				$pcontroller = '';
				$class_name = '';
				$pkey = 0;
				$new_data = array();
				foreach($power as $k=>$v){
					if($pcontroller != $v['power_controller']){
						$pcontroller = $v['power_controller'];
						$pkey ++;
						$v['class'] = 'power'.$pcontroller.$pkey;
						$new_data[$pkey] = $v;
					}
					$v['class'] = 'power'.$pcontroller.$pkey;
					$new_data[$pkey]['child'][] = $v;
				}
			}
		}
		return $new_data;
	}

	public function check_power($action){
		if($_SESSION['admin_power']['power_type']=='1'){				//总管理员不判断
			return true;
		}else{
			if(in_array($action,$_SESSION['admin_power']['power_list'])){
				return true;
			}else{
				return false;
			}
		}
	}

	public function get_admin_info(){
		return $_SESSION['admin_auth'];
	}

	public function logout(){
		$userinfo = $this->get_admin_info();
		$this->db->update($this->main_table,array("admin_last_logout"=>time()),"admin_id='".$userinfo['admin_id']."'");
		unset($_SESSION['admin_auth']);
		unset($_SESSION['admin_power']);
		//setcookie("PHPSESSID", session_id(), time()-3600,'/',MYCOOKIE);
	}

	//判断是否登录了
	public function check_islogin(){
		if(is_array($_SESSION['admin_auth']) && $_SESSION['admin_auth']['g_act_power']){
			return true;
		}else{
			return false;
		}
	}
	
	private function get_group_list($idlist=''){
		$where =$idlist ? " where g_root in (".$idlist.")" : '';
		$sql = "SELECT g_id FROM ".$this->group_table.$where;	
		$data = $this->db->getAll($sql);
		$list  = '';
		foreach($data as $item){
			$list .= $list ? ','.$item['g_id'] : $item['g_id'];
		}
		return $list;
	}
	
	/*
         * @param int $gid field
         * @param int $status field
         * @return string user id list
         */
	public function get_user_list($gid,$status='1'){
		$sql = "SELECT g_nav,g_root FROM ".$this->group_table." WHERE g_id='".intval($gid)."'";
		$row = $this->db->getRow($sql);
		if($row){					
			$sql2 = "SELECT admin_id FROM ".$this->main_table." WHERE admin_work_status!='2' AND LOCATE('".$row['g_nav']."',g_nav)>0 ";
			if(is_numeric($status)){													//指定在职的
				$sql2 .= " AND admin_check='".$status."'";
			}
			$data = $this->db->getAll($sql2);
		}
		$list='';
		if($data){
			foreach($data as $item){
				$list .= $list ? ','.$item['admin_id'] : $item['admin_id'];
			}
		}
		
		return $list;
	}
	
	/*
         * @param int $uid field
         * @return string user name list
         */
	public function get_user_name($uid){
		$sql = "SELECT admin_name FROM ".$this->main_table." WHERE admin_id IN (".$uid.")";
		$row = $this->db->getAll($sql);
		
		
		return $row;
	}
	//判断会员级别
/*	public function check_login_level($type=0){
		$admin_info = $this->get_admin_info();
		if(!$admin_info)
			return false;
		$level = $admin_info['admin_level'];
		if($level>=$type){
			return true;
		}else{
			return false;
		}

	}*/

        /*
         * @param int $gid field
         * @param int $uid field
         * @param int $self
         * @return string sql condition
         */
        public function add_condition($gid,$uid,$self){
            $condition = '';
            $admin_info = $this->get_admin_info();
			if(intval($self=='1'))                                                   //自己的条件
                return " AND ".$uid." ='".$admin_info['admin_id']."'";
				
            if($admin_info['g_act_power']!='all'){
				
                switch ($admin_info['g_type']){
                    //0獨自,1樹開型,2,指定範圍,3全部
                    case "3":                                                       //全部
                        break;
                    case "2":                                                       //指定範圍
                    case "1":                                                       //树型
					 	$condition = " AND LOCATE( concat(',',".$gid.",','),'".$admin_info['g_groups']."')>0";
                        //$condition = " AND ".$gid." between ".$admin_info['g_left']." AND ".$admin_info['g_right'];
                        break;
                    default:                                                        //自身型
                        $condition = " AND ".$uid." ='".$admin_info['admin_id']."'";
                        break;

                }
            }
            return $condition;
        }
		
		

		
		public function check_condition($gid,$uid){
			$admin_info = $this->get_admin_info();
			if($admin_info['g_act_power']=='all'){
				 return true;
			}else{
				 if($uid==$admin_info['admin_id']){
					return true;
				 }
				 switch ($admin_info['g_type']){
					case '3':
						return true;
					break;
					case '2':
					case '1':
						if(check_contain($admin_info['g_groups'],$gid)){
							return true;	
						}else{
							return false;
						}
					break;
					default:
						if($uid==$admin_info['admin_id']){
							return true;
						}else{
							return false;
						}
					break;
				 }
				
			}
			
		}



        
}



?>